TipsMake
Newest
The Quiet Details That Reveal a Reliable Sports Betting PlatformNimbly CleanInstructions on selecting multiple emails in OutlookZodiac Happiness Ranking 2026How to choose the best AI tool for different needs.

Are you backing up your data incorrectly?

Instructions for backing up and storing data on your Android device securely
How to backup data on iPhone or iPad

Cloud backup tools have made us lazy when it comes to data security. We set everything to Auto and forget about its existence. We confuse synchronization (instant updates) with backup (preserving history). While the cloud works seamlessly, it lacks the true ownership of a local server – even though setting up a server might seem outdated and complicated.

 

The price to cloud ease of use is privacy: Your data could be used to train AI models or for vague "experience enhancements" that never really get a full explanation. But since it's hard to give up super-easy-to-use and accessible cloud storage apps, you should consider how to properly secure your data – before something goes wrong with it!

 

The Illusion of Encryption

Your private files aren't really private.

Are you backing up your data incorrectly? Picture 1

 

A common misconception is that encryption means "privacy." After you upload data, such as photos and documents, it's encrypted, but the hosting server holds the key. It's a matter of trust. If the server is hacked, sued, or simply decides to allow an algorithm to use the data for 'training and optimization,' they gain access to everything. This is server-side encryption, and it's the default for a reason: It allows them to sell users features like AI search and organization, but it strips them of true ownership.

But you can prevent storage providers from accessing your data by applying non-disclosure encryption. This simply means you encrypt the data before it's uploaded to the cloud. You own the encryption keys, and the server knows nothing but meaningless characters. You can encrypt data directly on your device, or even use open-source tools like Cryptomator to create an encrypted vault within existing cloud storage.

This certainly leads to an inconvenience that many of us would like to avoid, but that's the price you pay for privacy. It turns your cloud storage into a regular hard drive, which it should have done in the first place.

 

Strong passwords = strong security

Even strong passwords need authentication.

Are you backing up your data incorrectly? Picture 2

 

We often think that setting a strong 16 or 18-digit password is enough to protect our data. And to some extent, that's true – passwords should always be long and strong, but shouldn't be repeated across multiple websites. Hackers use passwords stolen from one website to gain access to another. This is the most common way cloud accounts are compromised.

To truly secure your account, you should always enable at least two-factor authentication or SMS-based two-step verification. However, to secure accounts with sensitive data, you should invest in hardware authentication using a security key like YubiKey or Google Titan. Using this method, you must tap the security key to access your account.

Carrying a physical key for a digital account might seem counterintuitive, but it renders lost passwords useless. A hacker on another continent can't replicate the physical hardware on your desk. It requires a level of proactiveness that software-based security can't match.

Ransomware vulnerability

Don't ignore the threats!

Are you backing up your data incorrectly? Picture 3

 

Ransomware has evolved to exploit our trust in cloud synchronization and backups. Some ransomware variants can also encrypt linked cloud backup drives on your computer, rendering any backups stored in the cloud useless. In that case, sometimes, cloud storage is just as vulnerable as your local storage.

The best defense against this is immutability and strict version control. You need a WORM (Write Once, Read Many) backup history. This ensures that once a backup is created, it cannot be modified or deleted within a certain period, even by the owner (you). To use WORM, you may need to adjust advanced settings or specific software; that's the only guarantee against deletion. It reinforces the "3-2-1 Rule" for data backups: Keep a copy of the data offline or immutable, so that no automation function can destroy it.

Big tech companies are safe enough.

Cloud applications will keep our backups safe.

Are you backing up your data incorrectly? Picture 4

Certainly, multi-billion dollar data centers like these must have data security measures in place. And that argument is true to some extent. But these security measures are typically implemented to protect the platform, not individual data, from their own mistakes.

If your account is compromised due to a weak password or your data is retrieved because it wasn't encrypted on the client side, it's your fault, not theirs.

Relying entirely on the provider's default settings is like assuming the landlord is responsible if you leave your apartment door unlocked. You must proactively take measures to protect your own "door."

That's why the Shared Responsibility Model is the best approach. The cloud service provider is responsible for the security OF the cloud (hardware, network, global infrastructure). You are responsible for security WITHIN the cloud (who has access, how data is encrypted, and data integrity).

Discover more data backup
Isabella Humphrey
Share by Isabella Humphrey
Update 24 January 2026

You should read it